Facebook continues to face scrutiny in Europe over its privacy practices.
CNET

Facebook is facing more pressure from European regulators concerned about its privacy policies.

Government privacy regulators from France, Spain and Italy recently joined a regulatory group already looking into how the company deals with the personal data it collects from its users, The Wall Street Journal reported Thursday. They are investigating two issues in particular. The first: How Facebook may be combining information from Instagram, WhatsApp and its other services to target ads toward its users. The second: How Facebook uses its to track the browsing activity of its users.

Led by Dutch regulators, the probes have also pulled in Germany and Belgium. That differs from past investigations into Facebook, which typically were conducted solely in Ireland, which is home to the company's European headquarters. But countries in the European Union are increasingly joining forces to challenge US companies they believe may be running afoul of European privacy laws.

If the investigations move forward, Facebook could face a fine in the millions of euros and be ordered to modify its business practices in Europe.

Facebook has argued that the countries involved in these probes don't have the authority to investigate it since its European privacy policy is governed by the data regulators in Ireland. But some regulators in Europe said that they should not be limited from looking into Facebook's practices simply because of Ireland's oversight. Ireland's own privacy regulator has said that it "does not claim exclusive competence or jurisdiction" over Facebook, according to the Journal.

"The fact that another authority has investigated doesn't mean we must censor ourselves, especially when our citizens are concerned," Mathias Moulin, leader of the Facebook probe for French privacy regulator CNIL, told the Journal.

In response to a request for comment, a Facebook representative said: "Facebook follows European data protection law. Our international headquarters in Dublin was established under EU law as the data controller for people using our service in Europe and is subject to local regulatory oversight." The spokesperson added: "This means we are not only subject to EU data protection law, but we also routinely review product and policy updates with our regulator, the Irish Data Protection Commissioner."

Facebook has asserted it has not yet been contacted by the regulators in France, Spain or Italy about their investigations. The company declined to respond to questions it received from the privacy regulator in Germany, citing a lack of jurisdiction, according to the German regulator.

Facebook has already been accused of violating European privacy laws. In February, a report authorized by the Belgian government's Privacy Commission found that the company failed in its attempt to update its terms of service and data policy to comply with European privacy laws. Put into effect on January 30 of this year, the terms are designed to explain how Facebook can use site information for advertisements.

The two groups who put together the report -- the University of Leuven's Interdisciplinary Centre for Law & Information and Communication Technology and the Free University of Brussels' Department of Studies on Media, Information and Telecommunication -- found no drastic changes to the new terms of service.

"Most of Facebook's 'new' policies and terms are simply old practices made more explicit," the two groups said. "Our analysis indicates, however, that Facebook is acting in violation of European law."